Lucene search

[email protected]CVE-2007-2075

HistoryApr 18, 2007 - 3:19 a.m.

CVE-2007-2075

2007-04-1803:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

scramdisk

linux

cve-2007-2075

permission checks

system directory

local privilege escalation

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows local users to gain privileges by using a system directory as a mount point for a container.

CPENameOperatorVersion
scramdisk_4_linux:scramdisk_4_linuxscramdisk 4 linuxle1.0.0

CPE	Name	Operator	Version
scramdisk_4_linux:scramdisk_4_linux	scramdisk 4 linux	le	1.0.0

References

osvdb.org/34966

secunia.com/advisories/24903

sourceforge.net/tracker/index.php?func=detail&aid=1696780&group_id=101952&atid=630783

www.securityfocus.com/bid/23495

www.vupen.com/english/advisories/2007/1418

exchange.xforce.ibmcloud.com/vulnerabilities/33677

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-2075

prion1 securityvulns1